Akira Ransomware Attack

Fortiguard Security Advisory

What is the Akira Ransomware Attack?

The Akira ransomware attack has actively and widely impacting businesses. According to CISA advisory, the ransomware group has impacted over 250 organizations and claimed approximately $42 million (USD) in ransomware proceeds. The ransomware group gains initial access via either less-secured VPN or Cisco vulnerabilities. Once the network is compromised, the threat actor is able to target a system and encrypt files with .akira extension.

What is the recommended Mitigation?

Review attack surfaces and ensure that all systems are kept up-to-date with the latest patches. Also, maintain general awareness and training about the risk of phishing and social engineering attacks in the organization.

What FortiGuard Coverage is available?

FortiGuard Labs has existing AV signatures (i.e. W64/Akira.C!tr.ransom) to block all the known malware variants used by Ransomware group and has blocked related IoCs via Web filtering service.

READ MORE

Leave a Reply

Your email address will not be published. Required fields are marked *